Membership Contracts

Generate customer portal authentication token

Generates an authentication token for customer portal access using either customer ID or email address. This token can be used to create magic links or authenticate API requests on behalf of a customer.

Full behavior, validation rules, and side effects

Key Features:

Flexible Lookup: Find customer by Shopify customer ID OR email address
JWT Token: Returns cryptographically secure JSON Web Token
Portal Access: Token grants access to customer subscription management portal
API Authentication: Can be used in subsequent API calls for customer-specific operations
Time-Limited: Token expires after configured duration (default: 24-72 hours)

Request Parameters: Provide either customerId OR email (not both):

customerId: Shopify customer ID (numeric string, e.g., “6789012345”)
email: Customer’s email address as registered in Shopify

Response Contains:

customerId: Shopify customer ID associated with the token
token: JWT authentication token for portal access
shop: Store domain the customer belongs to
expiresAt: Token expiration timestamp (ISO 8601)

Common Use Cases:

Generate token to construct customer portal magic links
Authenticate customer in headless commerce implementations
Validate customer identity before allowing subscription changes
Create custom portal integrations with embedded authentication
Server-side customer lookup when only email is available
Build custom subscription management UIs with API authentication
Integrate with external CRM systems requiring customer tokens

Token Usage: Once generated, the token can be:

Embedded in magic link URLs: https://portal.example.com?token={token}
Used as Bearer token in Authorization headers for API calls
Stored temporarily for customer session management
Passed to frontend applications for customer-specific operations

Security Best Practices:

Never expose tokens in client-side logs or browser storage
Transmit tokens only over HTTPS
Implement token rotation for long-lived sessions
Validate token expiration before use
Revoke tokens when customer logs out or changes credentials

Error Handling:

If neither customerId nor email is provided, returns 400 Bad Request
If both customerId and email are provided, customerId takes precedence
If customer not found, returns 404 Not Found
Invalid email format returns 400 Bad Request

Authentication: Requires API key authentication via X-API-Key header or api_key parameter

GET

api

external

customer-portal-token

Generate customer portal authentication token

curl --request GET \
  --url https://membership-admin.appstle.com/api/external/v2/customer-portal-token

{
  "customerId": 123,
  "token": "<string>"
}

Headers

X-API-Key

string

Query Parameters

api_key

string

API Key (Deprecated - Use Header X-API-Key instead)

customerId

string

Shopify customer ID (provide either customerId OR email)

string

Customer email address (provide either customerId OR email)

Response

Customer portal token generated successfully, returns customer ID and authentication token

customerId

integer<int64>

token

string

Generate customer portal magic link

Sync customer information

Generate customer portal authentication token

curl --request GET \
  --url https://membership-admin.appstle.com/api/external/v2/customer-portal-token

{
  "customerId": 123,
  "token": "<string>"
}

Get Started

Guides

Partner Integration

Webhooks

Admin API

Customer Portal API

Generate customer portal authentication token

Headers

Query Parameters

Response

Get Started

Guides

Partner Integration

Webhooks

Admin API

Customer Portal API

Documentation Index

Headers

Query Parameters

Response